{"id":"ALPINE-CVE-2022-31623","details":"MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd-\u003ectrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.","modified":"2025-12-03T22:50:20.724338Z","published":"2022-05-25T21:15:08.657Z","upstream":["CVE-2022-31623"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2022-31623"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Alpine:v3.16","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.17","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.18","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.19","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.20","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.21","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.22","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}},{"package":{"name":"mariadb","ecosystem":"Alpine:v3.23","purl":"pkg:apk/alpine/mariadb?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.6.7-r0"}]}],"versions":["10.0.21-r0","10.0.21-r1","10.0.21-r2","10.1.11-r0","10.1.11-r1","10.1.12-r0","10.1.12-r1","10.1.13-r0","10.1.13-r1","10.1.14-r0","10.1.14-r1","10.1.14-r2","10.1.14-r3","10.1.16-r0","10.1.17-r0","10.1.17-r1","10.1.18-r0","10.1.18-r1","10.1.19-r0","10.1.20-r0","10.1.21-r0","10.1.22-r0","10.1.22-r1","10.1.22-r2","10.1.24-r0","10.1.26-r0","10.1.28-r0","10.1.28-r1","10.1.28-r2","10.1.31-r0","10.1.8-r0","10.1.8-r1","10.1.9-r0","10.1.9-r1","10.1.9-r2","10.1.9-r3","10.2.13-r0","10.2.13-r1","10.2.14-r0","10.2.14-r1","10.2.14-r2","10.2.15-r0","10.3.10-r0","10.3.10-r1","10.3.11-r0","10.3.12-r0","10.3.12-r1","10.3.12-r2","10.3.13-r0","10.3.13-r1","10.3.13-r2","10.3.13-r3","10.3.13-r4","10.3.15-r0","10.3.16-r0","10.3.9-r0","10.3.9-r1","10.3.9-r2","10.4.10-r0","10.4.10-r1","10.4.11-r0","10.4.12-r0","10.4.13-r0","10.4.13-r1","10.4.14-r0","10.4.6-r0","10.4.6-r1","10.4.7-r0","10.4.8-r0","10.5.11-r0","10.5.11-r1","10.5.5-r0","10.5.6-r0","10.5.8-r0","10.5.9-r0","10.6.3-r0","10.6.4-r0","10.6.4-r1","10.6.4-r2","5.5.41-r0","5.5.41-r1","5.5.41-r2","5.5.42-r0","5.5.42-r1","5.5.42-r2","5.5.42-r3","5.5.42-r4","5.5.43-r0","5.5.43-r1","5.5.43-r2","5.5.43-r3","5.5.43-r4","5.5.43-r5"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-31623.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}